package com.macro.mall.tiny.expression;

import com.macro.mall.tiny.domain.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import java.util.List;

//自定义权限校验方法

@Component("ex")
public class SGExpressionRoot {

    public boolean hasAuthority(String authority){
        //获取当前用户权限
        Authentication authentication= SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser=(LoginUser) authentication.getPrincipal();
        List<String> resources=loginUser.getPermissions();

        //判断用户是否具有该权限
        for(String resource:resources){
            resource=resource.substring(0, resource.length() - 3);
            if(resource.equals(authority)){
                return true;
            }
        }
        return false;
    }

}
